Click to Skip Ad
Closing in...
  1. AirPods 2 Price
    11:46 Deals

    Amazon’s AirPods 2 price is the lowest it’s been all year, but not for much lo…

  2. Best Car Detailing Products
    14:14 Deals

    The best car detailing product is a $5.59 tool on Amazon that pros don’t want you to…

  3. Best Robot Vacuum Deals
    13:00 Deals

    Amazon’s best Roomba vacuum deal is the Roomba 675 for $199

  4. Furrion Outdoor TV Deals Reviews
    10:32 Deals

    These Furrion outdoor TV deals are crazy, and up to $400 off today at Amazon

  5. Wireless CarPlay Adapter
    08:41 Deals

    Finally! CarlinKit 2.0 on Amazon converts your car’s regular CarPlay to wireless Car…

Massive SIM card hack might have been too sophisticated to be caught in time

February 26th, 2015 at 10:45 PM
Gemalto SIM Card Hack

A new Snowden leak a few days ago revealed that the NSA and GCHQ conducted a complex hack operation that focused on obtaining the secure encryption keys that protect mobile communications in devices with SIM cards. A subsequent report revealed that the goal of spy agencies might have been a lot bigger, as they may have been hunting for other security keys that would let them deploy spyware on any mobile device with a SIM card inside, and users would have no idea that anything had happened.

FROM EARLIER: Gemalto confirms hack, but denies massive SIM keys theft

Gemalto acknowledged the hack, but downplayed it, saying it couldn’t have resulted in a mass-theft of SIM card keys. The company also said that even if the hack was successful, it wouldn’t actually be useful against 3G and 4G technologies. But The Intercept, which first shed light on the matter, has now raised several questions on the validity of Gemalto’s reassuring claims.

The publication spoke to many security experts who aren’t convinced that Gemalto has done a thorough investigation of the reported hack in less than a week. These experts claim that Gemalto is basically trying to put the story to bed and make sure its investors and customers stop worrying about the NSA and GCHQ being able to spy on potentially billions of handset users who have one such SIM card in their devices.

Gemalto might have made “erroneous statements about cellphone technology” and “highly questionable claims” regarding the matter.

Some security experts say that Gemalto’s security team wouldn’t even be able to recognize and deal with an attack coming from a government agency rather than a group of hackers acting on their own, as spy agencies can hit targets without leaving any traces. This appears to have been the case with this hack, which was first brought to the attention of the public and the company by a Snowden leak.

“Gemalto learned about this five-year old hack by GCHQ when the The Intercept called them up for a comment last week. That doesn’t sound like they’re on top of things, and it certainly suggests they don’t have the in-house capability to detect and thwart sophisticated state-sponsored attacks,” American Civil Liberties Union chief technologist Christopher Soghoian told the publication.

“Their ‘investigation’ seem to have consisted of asking their security team which attacks they detected over the past few years. That isn’t much of an investigation, and it certainly won’t reveal successful nation-state attacks,” he added.

“They are saying that NSA/GCHQ could not have breached those technologies due to ‘additional encryption’ mechanisms that they don’t specify and yet here we have evidence that GCHQ and NSA were actively compromising encryption keys,” Johns Hopkins Information Security Institute cryptography specialist Matthew Green said.

The full report is available at the source link.

Chris Smith started writing about gadgets as a hobby, and before he knew it he was sharing his views on tech stuff with readers around the world. Whenever he's not writing about gadgets he miserably fails to stay away from them, although he desperately tries. But that's not necessarily a bad thing.

Popular News